Allow passing empty values through for variables, covers with test, closes #2433
This commit is contained in:
Dane Everitt
parent
bf6e1ce966
commit
d8228f2da8
4 changed files with 232 additions and 2 deletions
|
|
@ -100,7 +100,7 @@ class StartupController extends ClientApiController
|
|||
'server_id' => $server->id,
|
||||
'variable_id' => $variable->id,
|
||||
], [
|
||||
'variable_value' => $request->input('value'),
|
||||
'variable_value' => $request->input('value') ?? '',
|
||||
]);
|
||||
|
||||
$variable = $variable->refresh();
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ class UpdateStartupVariableRequest extends ClientApiRequest
|
|||
{
|
||||
return [
|
||||
'key' => 'required|string',
|
||||
'value' => 'present|string',
|
||||
'value' => 'present',
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,69 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Startup;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use Pterodactyl\Models\Permission;
|
||||
use Pterodactyl\Models\EggVariable;
|
||||
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
|
||||
|
||||
class GetStartupAndVariablesTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
/**
|
||||
* Test that the startup command and variables are returned for a server, but only the variables
|
||||
* that can be viewed by a user (e.g. user_viewable=true).
|
||||
*
|
||||
* @param array $permissions
|
||||
* @dataProvider permissionsDataProvider
|
||||
*/
|
||||
public function testStartupVariablesAreReturnedForServer($permissions)
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Server $server */
|
||||
[$user, $server] = $this->generateTestAccount($permissions);
|
||||
|
||||
$egg = $this->cloneEggAndVariables($server->egg);
|
||||
// BUNGEE_VERSION should never be returned back to the user in this API call, either in
|
||||
// the array of variables, or revealed in the startup command.
|
||||
$egg->variables()->first()->update([
|
||||
'user_viewable' => false,
|
||||
]);
|
||||
|
||||
$server->fill([
|
||||
'egg_id' => $egg->id,
|
||||
'startup' => 'java {{SERVER_JARFILE}} --version {{BUNGEE_VERSION}}',
|
||||
])->save();
|
||||
$server = $server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->getJson($this->link($server) . "/startup");
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('meta.startup_command', 'java bungeecord.jar --version [hidden]');
|
||||
$response->assertJsonPath('meta.raw_startup_command', $server->startup);
|
||||
|
||||
$response->assertJsonPath('object', 'list');
|
||||
$response->assertJsonCount(1, 'data');
|
||||
$response->assertJsonPath('data.0.object', EggVariable::RESOURCE_NAME);
|
||||
$this->assertJsonTransformedWith($response->json('data.0.attributes'), $egg->variables[1]);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a user without the required permission, or who does not have any permission to
|
||||
* access the server cannot get the startup information for it.
|
||||
*/
|
||||
public function testStartupDataIsNotReturnedWithoutPermission()
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||
$this->actingAs($user)->getJson($this->link($server) . "/startup")->assertForbidden();
|
||||
|
||||
$user2 = factory(User::class)->create();
|
||||
$this->actingAs($user2)->getJson($this->link($server) . "/startup")->assertNotFound();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array[]
|
||||
*/
|
||||
public function permissionsDataProvider()
|
||||
{
|
||||
return [[[]], [[Permission::ACTION_STARTUP_READ]]];
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,161 @@
|
|||
<?php
|
||||
|
||||
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Startup;
|
||||
|
||||
use Pterodactyl\Models\User;
|
||||
use Illuminate\Http\Response;
|
||||
use Pterodactyl\Models\Permission;
|
||||
use Pterodactyl\Models\EggVariable;
|
||||
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
|
||||
|
||||
class UpdateStartupVariableTest extends ClientApiIntegrationTestCase
|
||||
{
|
||||
/**
|
||||
* Test that a startup variable can be edited successfully for a server.
|
||||
*
|
||||
* @param array $permissions
|
||||
* @dataProvider permissionsDataProvider
|
||||
*/
|
||||
public function testStartupVariableCanBeUpdated($permissions)
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Server $server */
|
||||
[$user, $server] = $this->generateTestAccount($permissions);
|
||||
$server->fill([
|
||||
'startup' => 'java {{SERVER_JARFILE}} --version {{BUNGEE_VERSION}}',
|
||||
])->save();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '1.2.3',
|
||||
]);
|
||||
|
||||
$response->assertStatus(Response::HTTP_UNPROCESSABLE_ENTITY);
|
||||
$response->assertJsonPath('errors.0.code', 'ValidationException');
|
||||
$response->assertJsonPath('errors.0.detail', 'The value may only contain letters and numbers.');
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '123',
|
||||
]);
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('object', EggVariable::RESOURCE_NAME);
|
||||
$this->assertJsonTransformedWith($response->json('attributes'), $server->variables[0]);
|
||||
$response->assertJsonPath('meta.startup_command', 'java bungeecord.jar --version 123');
|
||||
$response->assertJsonPath('meta.raw_startup_command', $server->startup);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that variables that are either not user_viewable, or not user_editable, cannot be
|
||||
* updated via this endpoint.
|
||||
*
|
||||
* @param array $permissions
|
||||
* @dataProvider permissionsDataProvider
|
||||
*/
|
||||
public function testStartupVariableCannotBeUpdatedIfNotUserViewableOrEditable(array $permissions)
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Server $server */
|
||||
[$user, $server] = $this->generateTestAccount($permissions);
|
||||
|
||||
$egg = $this->cloneEggAndVariables($server->egg);
|
||||
$egg->variables()->where('env_variable', 'BUNGEE_VERSION')->update(['user_viewable' => false]);
|
||||
$egg->variables()->where('env_variable', 'SERVER_JARFILE')->update(['user_editable' => false]);
|
||||
|
||||
$server->fill(['egg_id' => $egg->id])->save();
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '123',
|
||||
]);
|
||||
|
||||
$response->assertStatus(Response::HTTP_BAD_REQUEST);
|
||||
$response->assertJsonPath('errors.0.code', 'BadRequestHttpException');
|
||||
$response->assertJsonPath('errors.0.detail', 'The environment variable you are trying to edit does not exist.');
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'SERVER_JARFILE',
|
||||
'value' => 'server2.jar',
|
||||
]);
|
||||
|
||||
$response->assertStatus(Response::HTTP_BAD_REQUEST);
|
||||
$response->assertJsonPath('errors.0.code', 'BadRequestHttpException');
|
||||
$response->assertJsonPath('errors.0.detail', 'The environment variable you are trying to edit is read-only.');
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a hidden variable is not included in the startup_command output for the server if
|
||||
* a different variable is updated.
|
||||
*/
|
||||
public function testHiddenVariablesAreNotReturnedInStartupCommandWhenUpdatingVariable()
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Server $server */
|
||||
[$user, $server] = $this->generateTestAccount();
|
||||
|
||||
$egg = $this->cloneEggAndVariables($server->egg);
|
||||
$egg->variables()->first()->update(['user_viewable' => false]);
|
||||
|
||||
$server->fill([
|
||||
'egg_id' => $egg->id,
|
||||
'startup' => 'java {{SERVER_JARFILE}} --version {{BUNGEE_VERSION}}',
|
||||
])->save();
|
||||
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'SERVER_JARFILE',
|
||||
'value' => 'server2.jar',
|
||||
]);
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('meta.startup_command', 'java server2.jar --version [hidden]');
|
||||
$response->assertJsonPath('meta.raw_startup_command', $server->startup);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that an egg variable with a validation rule of 'nullable|string' works if no value
|
||||
* is passed through in the request.
|
||||
*
|
||||
* @see https://github.com/pterodactyl/panel/issues/2433
|
||||
*/
|
||||
public function testEggVariableWithNullableStringIsNotRequired()
|
||||
{
|
||||
/** @var \Pterodactyl\Models\Server $server */
|
||||
[$user, $server] = $this->generateTestAccount();
|
||||
|
||||
$egg = $this->cloneEggAndVariables($server->egg);
|
||||
$egg->variables()->first()->update(['rules' => 'nullable|string']);
|
||||
|
||||
$server->fill(['egg_id' => $egg->id])->save();
|
||||
$server->refresh();
|
||||
|
||||
$response = $this->actingAs($user)->putJson($this->link($server) . '/startup/variable', [
|
||||
'key' => 'BUNGEE_VERSION',
|
||||
'value' => '',
|
||||
]);
|
||||
|
||||
$response->assertOk();
|
||||
$response->assertJsonPath('attributes.server_value', null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test that a variable cannot be updated if the user does not have permission to perform
|
||||
* that action, or they aren't assigned at all to the server.
|
||||
*/
|
||||
public function testStartupVariableCannotBeUpdatedIfNotUserViewable()
|
||||
{
|
||||
[$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
|
||||
$this->actingAs($user)->putJson($this->link($server) . "/startup/variable")->assertForbidden();
|
||||
|
||||
$user2 = factory(User::class)->create();
|
||||
$this->actingAs($user2)->putJson($this->link($server) . "/startup/variable")->assertNotFound();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return \array[][]
|
||||
*/
|
||||
public function permissionsDataProvider()
|
||||
{
|
||||
return [[[]], [[Permission::ACTION_STARTUP_UPDATE]]];
|
||||
}
|
||||
}
|
||||
Loading…
Reference in a new issue